This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft File: 001KO3R_ynAQOxfz29xQRcrOMt8.mft (raw, json) Hash identifier: baAMMqX1Qop2AobmrKN2GUzQACwzTXQER/P36b+amuc= Subject key identifier: 2C:E9:7A:96:92:79:BA:B6:2F:8F:B4:9E:2C:0D:59:72:32:23:A6:00 Authority key identifier: D3:4D:4A:3B:74:7F:CA:70:10:3B:17:F3:DB:DC:50:45:CA:CE:32:DF Certificate issuer: /CN=d34d4a3b747fca70103b17f3dbdc5045cace32df Certificate serial: 019AF2AD69229D2F459B7F8945E655CC229E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/001KO3R_ynAQOxfz29xQRcrOMt8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft Manifest number: 1763 Signing time: Sat 06 Dec 2025 08:00:42 +0000 Manifest this update: Sat 06 Dec 2025 08:00:42 +0000 Manifest next update: Sun 07 Dec 2025 08:00:42 +0000 Files and hashes: 1: 001KO3R_ynAQOxfz29xQRcrOMt8.crl (hash: H9tLcMLy7VBQX0EoQ7JSjYTEKv5BDzGG21XI53y/k7k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.crl rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft rsync://rpki.ripe.net/repository/DEFAULT/001KO3R_ynAQOxfz29xQRcrOMt8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:69:22:9d:2f:45:9b:7f:89:45:e6:55:cc:22:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d34d4a3b747fca70103b17f3dbdc5045cace32df Validity Not Before: Dec 6 08:00:42 2025 GMT Not After : Dec 7 08:00:42 2025 GMT Subject: CN=2ce97a969279bab62f8fb49e2c0d59723223a600 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:a2:43:82:49:bd:f0:6c:0f:40:cd:8a:cd:33: 1d:6d:38:7b:11:f6:64:56:75:dd:a2:94:b0:58:07: b4:8e:d1:7d:e8:95:e3:50:f0:1d:dc:c6:f8:37:11: c4:af:0e:cd:31:95:79:58:c3:07:65:3d:8d:04:49: 9f:17:b8:8d:7d:01:10:b8:13:e0:e3:7c:b0:db:7b: 3e:eb:10:46:31:d0:e1:cc:b8:97:60:97:a6:91:16: 9f:db:8c:5c:a4:f8:23:5c:23:7a:6b:39:66:d8:d2: cd:d0:7d:c9:ee:ea:d5:d1:18:16:ba:29:2a:eb:81: 60:60:a7:4e:5f:70:f5:cc:ce:c5:a6:87:85:b7:5a: 22:49:62:ab:74:22:ab:67:d8:5b:d2:ef:1a:cf:81: ee:71:36:18:bf:2a:27:f8:39:35:10:ce:63:2e:0d: c2:13:39:74:98:e3:27:b7:73:ec:29:85:92:98:02: b0:da:01:56:10:fe:15:12:6d:ae:35:8d:e4:ba:cf: 7a:46:c7:25:4d:3e:bc:bf:35:9d:8c:0a:2b:ae:12: 52:c6:e7:1b:26:b1:62:09:d0:90:4b:fa:ac:58:e5: 36:b1:8d:dc:91:27:e6:e7:30:18:f8:d2:e2:c4:10: 23:cb:e1:6c:03:34:c2:52:22:7c:f4:f9:d8:a5:09: 6f:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:E9:7A:96:92:79:BA:B6:2F:8F:B4:9E:2C:0D:59:72:32:23:A6:00 X509v3 Authority Key Identifier: keyid:D3:4D:4A:3B:74:7F:CA:70:10:3B:17:F3:DB:DC:50:45:CA:CE:32:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/001KO3R_ynAQOxfz29xQRcrOMt8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 22:8e:b4:d6:4c:81:2f:4d:e2:f1:82:86:63:ae:b0:eb:e6:1a: 44:d6:60:b3:2c:4c:15:81:1a:3a:a8:6e:03:17:b6:17:85:bd: 21:8e:8e:a1:18:9d:2b:da:b0:c0:ea:7e:36:c9:52:c3:c7:e8: ab:f9:4f:17:f3:8b:25:65:66:42:95:78:90:5b:e6:2c:b2:00: 05:83:f8:71:43:11:06:e3:66:c6:13:e1:1b:da:bb:c8:9c:3a: fc:1c:e4:ad:0b:21:e9:4e:27:7b:83:0e:c8:7e:e5:c3:ac:19: e2:f0:bd:af:f4:a3:58:0c:25:c4:7f:ee:50:4f:d8:44:58:e1: 64:5a:29:c7:a5:f0:cd:51:65:21:c1:0a:c6:23:ce:5b:cc:ad: c7:fe:e1:84:45:4a:c9:4b:34:13:23:45:95:41:5d:a2:72:1c: bf:07:32:55:c9:bd:eb:e1:c1:82:df:84:c3:75:8e:37:1f:6a: f3:a4:c1:cf:55:29:44:9c:1b:e2:db:05:c0:da:b2:d1:4e:05: e9:25:66:b2:2f:e5:0d:8e:0b:eb:e3:f4:10:b9:6a:65:f4:40: 98:22:f2:b9:0d:71:6b:0a:64:1b:2d:0d:f3:be:ed:b7:d6:5e: b9:b2:04:6b:e4:0d:e3:1b:5d:7e:16:7b:34:e6:10:ee:7b:42: ff:0e:ff:91 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryrWkinS9Fm3+JReZVzCKeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzNGQ0YTNiNzQ3ZmNhNzAxMDNiMTdmM2RiZGM1MDQ1Y2Fj ZTMyZGYwHhcNMjUxMjA2MDgwMDQyWhcNMjUxMjA3MDgwMDQyWjAzMTEwLwYDVQQD EygyY2U5N2E5NjkyNzliYWI2MmY4ZmI0OWUyYzBkNTk3MjMyMjNhNjAwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6JDgkm98GwPQM2KzTMdbTh7EfZk VnXdopSwWAe0jtF96JXjUPAd3Mb4NxHErw7NMZV5WMMHZT2NBEmfF7iNfQEQuBPg 43yw23s+6xBGMdDhzLiXYJemkRaf24xcpPgjXCN6azlm2NLN0H3J7urV0RgWuikq 64FgYKdOX3D1zM7FpoeFt1oiSWKrdCKrZ9hb0u8az4HucTYYvyon+Dk1EM5jLg3C Ezl0mOMnt3PsKYWSmAKw2gFWEP4VEm2uNY3kus96RsclTT68vzWdjAorrhJSxucb JrFiCdCQS/qsWOU2sY3ckSfm5zAY+NLixBAjy+FsAzTCUiJ89PnYpQlv7wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCzpepaSebq2L4+0niwNWXIyI6YAMB8GA1UdIwQY MBaAFNNNSjt0f8pwEDsX89vcUEXKzjLfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDAxS08zUl95bkFRT3hmejI5eFFSY3JPTXQ4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi84ZDgzNzItZTA3OS00ODMxLWFmZDIt NDM3OTM0YzU4NDUzLzEvMDAxS08zUl95bkFRT3hmejI5eFFSY3JPTXQ4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi84ZDgzNzItZTA3OS00ODMxLWFmZDItNDM3OTM0YzU4NDUz LzEvMDAxS08zUl95bkFRT3hmejI5eFFSY3JPTXQ4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIo601kyB L03i8YKGY66w6+YaRNZgsyxMFYEaOqhuAxe2F4W9IY6OoRidK9qwwOp+NslSw8fo q/lPF/OLJWVmQpV4kFvmLLIABYP4cUMRBuNmxhPhG9q7yJw6/BzkrQsh6U4ne4MO yH7lw6wZ4vC9r/SjWAwlxH/uUE/YRFjhZFopx6XwzVFlIcEKxiPOW8ytx/7hhEVK yUs0EyNFlUFdonIcvwcyVcm96+HBgt+Ew3WONx9q86TBz1UpRJwb4tsFwNqy0U4F 6SVmsi/lDY4L6+P0ELlqZfRAmCLyuQ1xawpkGy0N877tt9ZeubIEa+QN4xtdfhZ7 NOYQ7ntC/w7/kQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:29:12 2025 by rpki-client